Questions tagged [gnupg]

9 questions
5
votes
1 answer

Why does duplicity need a passphrase for OpenPGP encryption?

I'd like to use duplicity to backup files and I'd like to encrypt them with GnuPG. I was wondering why duplicity asks for a passphrase to encrypt the files. For asymmetric encryption the passphrase is only needed for decryption. I was using the…
john.dough
  • 103
  • 10
3
votes
1 answer

chroot, gpg-agent, and Ubuntu 18.04

For SFTP access to my server, I have created a sftp user that is limited to a working directory by chroot. Match User sftp-user AuthorizedKeysFile /home/sftp-user/.ssh/authorized_keys ChrootDirectory /var/www/domain ForceCommand…
BurninLeo
  • 860
  • 2
  • 11
  • 28
3
votes
1 answer

SSH with gpg-agent: order of keys

I have GPG set up to talk to SSH (with --enable-ssh-support). I have two keys: say 0x1234 and 0xABCD. Both keys have the following subkeys: a signing key an encryption key an authentication key Therefore, I have two different public keys when I…
adtac
  • 131
  • 2
2
votes
2 answers

How do I deploy my own GPG keyserver?

I would like to set up a read-only key-server operating by me where I am going to publish my own keys. So that anyone could do gpg --keyserver example.mymedia.su --receive-keys 0xDEADBEEF and get the key. Is it some sort of HTTP server? Is it enough…
mymedia
  • 121
  • 3
1
vote
0 answers

Multiple files encrypted with multiple GPG keys - how to easily add/remove/manage keys, automate key change tasks?

We have a bunch of files that contain sensitive information, that need to be accessed by several teams, but need to be unreadable to everyone else. Currently, each team member needs to generate their own GPG key pair and share their public key with…
Florin Andrei
  • 1,148
  • 1
  • 11
  • 18
1
vote
2 answers

Mailbox on-the-fly decryption (dovecot)

To avoid casual mailbox snooping for an IMAP server I am thinking of "transparent encryption" setup that would: Public key encrypt incoming messages at local delivery time Private key decrypt said messages at read time. (Here, the private key…
Alien Life Form
  • 2,279
  • 2
  • 21
  • 31
0
votes
1 answer

Installing GnuPG extension for PHP on Centos 6.9 Multiple PHP versions

I am trying to install gnuPG pecl module for PHP on a server where multiple PHP versions are install 5.3, 5.6 and 7.0. I was able to just use pecl install gnupg for the base 5.3 install. However when trying to manually phpize and ./configure for the…
Shaun Forsyth
  • 160
  • 1
  • 4
0
votes
1 answer

Compiling GnuPG links gpg2 to /lib instead of /usr/local/lib/

Occasionally I have to install new packages on servers. If I'm lucky, I can find an RPM, otherwise, I get to bang my head on the wall and attempt to compile a package. This time I get to compile GnuPG to get version 2.1.15. So I download all the…
Bob Smith
  • 15
  • 3
0
votes
1 answer

add-apt-repository fails due to gpg key timeout

I am running a Mail-in-a-Box server on Ubuntu 18.04. As part of the setup/update script, it attempts to execute the command add-apt-repository -y ppa:certbot/certbot. This fails with the following error message: FAILED: add-apt-repository -y…